From 6f87a3e80314b08526957a3b1ddb00ae528c87d1 Mon Sep 17 00:00:00 2001
From: Josh Lane
Date: Fri, 29 May 2015 14:14:30 -0700
Subject: [PATCH] generate an iam user and re-use data
---
 lib/fog/aws/iam.rb | 20 ++++++++++++++++---
 lib/fog/aws/requests/iam/create_access_key.rb | 11 +++++-----
 lib/fog/aws/requests/iam/get_user.rb | 7 +++++++
 tests/models/iam/users_tests.rb | 20 +++++++++++++++++++
 4 files changed, 50 insertions(+), 8 deletions(-)
diff --git a/lib/fog/aws/iam.rb b/lib/fog/aws/iam.rb
index a1bb43181..b3e1ed326 100644
--- a/lib/fog/aws/iam.rb
+++ b/lib/fog/aws/iam.rb
@@ -176,6 +176,8 @@ module Fog
 Fog::Mock.random_hex(16)
 end
+ attr_reader :current_user_name
+
 def initialize(options={})
 @use_iam_profile = options[:use_iam_profile]
 @aws_credentials_expire_at = Time::now + 20
@@ -184,7 +186,7 @@ module Fog
 end
 def data
- self.class.data[@aws_access_key_id]
+ self.class.data[@root_access_key_id]
 end
 def account_id
@@ -192,12 +194,24 @@ module Fog
 end
 def reset_data
- self.class.data.delete(@aws_access_key_id)
+ self.class.data.delete(@root_access_key_id)
 current_user
 end
 def setup_credentials(options)
 @aws_access_key_id = options[:aws_access_key_id]
+ existing_user = nil
+
+ @root_access_key_id, _ = self.class.data.find { |_, d|
+ d[:users].find { |_, user|
+ existing_user = user[:access_keys].find { |key|
+ key["AccessKeyId"] == @aws_access_key_id
+ }
+ }
+ }
+
+ @root_access_key_id ||= @aws_access_key_id
+ @current_user_name = existing_user ? existing_user["UserName"] : "root"
 end
 def current_user
@@ -206,7 +220,7 @@ module Fog
 root[:arn].gsub!("user/", "") # root user doesn't have "user/" key prefix
 end
- self.data[:users]["root"]
+ self.data[:users][self.current_user_name]
 end
 end
diff --git a/lib/fog/aws/requests/iam/create_access_key.rb b/lib/fog/aws/requests/iam/create_access_key.rb
index fe189c690..c21cbd2dc 100644
--- a/lib/fog/aws/requests/iam/create_access_key.rb
+++ b/lib/fog/aws/requests/iam/create_access_key.rb
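Review bot: In `setup_credentials` (lib/fog/aws/iam.rb, hunk at -192,12) the caller is resolved from `AccessKeyId` alone, so the mock accepts a key as that user whatever its `Status` and whatever secret the client was given; tests run against the mock therefore cannot catch a deactivated or mistyped credential. If that fidelity is out of scope, state it above the lookup, e.g. `# Mock only: identity is resolved from AccessKeyId; the secret and the key Status are not checked.` The local `existing_user` actually holds the matching access-key hash, so `existing_key` would read more accurately, and its `"UserName"` entry is only set by create_access_key when a user was given. The `reset_data` change in the same hunk deletes the whole account's data and then calls `current_user`, which now indexes `self.data[:users][self.current_user_name]`; for a client signed in as a non-root user this presumably returns nil after the reset, since the visible lines of `current_user` (its body starts outside the hunk) only appear to rebuild the root entry.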
@@ -38,16 +38,17 @@ module Fog
 if data[:users].key? user
 access_keys_data = data[:users][user][:access_keys]
 else
- raise Fog::AWS::IAM::NotFound.new('The user with name #{user_name} cannot be found.')
+ raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.")
 end
 else
 access_keys_data = data[:access_keys]
 end
- key = { 'SecretAccessKey' => Fog::Mock.random_base64(40),
- 'Status' => 'Active',
- 'AccessKeyId' => Fog::AWS::Mock.key_id(20),
- }
+ key = {
+ 'SecretAccessKey' => Fog::Mock.random_base64(40),
+ 'Status' => 'Active',
+ 'AccessKeyId' => Fog::AWS::Mock.key_id(20),
+ }
 if user
 key["UserName"] = user
 end
diff --git a/lib/fog/aws/requests/iam/get_user.rb b/lib/fog/aws/requests/iam/get_user.rb
index 7979acb6d..932857b34 100644
--- a/lib/fog/aws/requests/iam/get_user.rb
+++ b/lib/fog/aws/requests/iam/get_user.rb
@@ -51,6 +51,13 @@ module Fog
 'CreateDate' => user[:created_at]
 }
+ unless @current_user_name == "root"
+ user_body.merge!(
+ 'Path' => user[:path],
+ 'UserName' => @current_user_name
+ )
+ end
+
 elsif !self.data[:users].key?(username)
 raise Fog::AWS::IAM::NotFound.new("The user with name #{username} cannot be found.")
 else
diff --git a/tests/models/iam/users_tests.rb b/tests/models/iam/users_tests.rb
index 7dcf1f002..32ece1236 100644
--- a/tests/models/iam/users_tests.rb
+++ b/tests/models/iam/users_tests.rb
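Review bot: Switching the NotFound message to double quotes in lib/fog/aws/requests/iam/create_access_key.rb turns `#{user_name}` into a live interpolation, but the surrounding lines name the variable `user` (`data[:users].key? user`, `key["UserName"] = user`). Unless `user_name` is defined earlier in the method, which starts outside the hunk, the not-found branch will raise NameError instead of Fog::AWS::IAM::NotFound. Suggested line: `raise Fog::AWS::IAM::NotFound.new("The user with name #{user} cannot be found.")`.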
@@ -56,6 +56,26 @@ Shindo.tests("Fog::Compute[:iam] | users", ['aws','iam']) do
 user.access_keys.empty?
 end
+ # test that users create in mock and be signed in via access key and share data
+ if Fog.mocking?
+ tests("mocking access key usage") do
+ access_key = user.access_keys.create
+
+ user_client = Fog::AWS::IAM.new(
+ :aws_access_key_id => access_key.identity,
+ :aws_secret_access_key => access_key.secret_access_key
+ )
+
+ tests("sets correct data").succeeds do
+ user_client.users.size > 1
+ end
+
+ tests("set current user name").succeeds do
+ user_client.current_user_name == user.identity
+ end
+ end
+ end
+
 tests('#password=nil', 'without a password').succeeds do
 user.password = nil
 user.password_created_at.nil?
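Review bot: The `sets correct data` assertion in tests/models/iam/users_tests.rb, `user_client.users.size > 1`, depends on how many users earlier tests happen to have left in the mock data rather than on the data actually being shared. Asserting membership ties it to the behaviour under test: `user_client.users.map(&:identity).include?(user.identity)`. The access key created at the top of the block is never destroyed, so the later tests on the same `user` run with a key still attached; consider `access_key.destroy` at the end of the block. The leading comment would read better as `# test that users created in mock can be signed in via access key and share data`. The enclosing Shindo block starts and ends outside the hunk.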